On Tue, 21 Sep 2004 08:22:09 +0200, Soleyman Luris <[EMAIL PROTECTED]> wrote: > I'm using OpenBSD 3.6-snap and pf as an "invisible" bridge. > > The bridge is fxp0<->fxp1 > xl0 is configured to be a "admin interface" > fxp1 and xl0 are connected to the inner switch where the other hosts are.
There is no advantage to having a separate admin interface if it's on the same segment with your bridge interfaces. I suggest you disable xl0 and assign its IP to fxp0 or fxp1 instead. Then you will be able to admin the machine from either side. If you wish to restrict access to the admin IP, use filter rules. Your setup seems more complex than it needs to be. I don't know if simplifying it will fix either of the problems you are having, but it's worth a try, and your network will be easier to understand which may lead to solving the problems another way. -- Gragnak the Bold
